Design And Implementation Of Embedded Software Defect Analysis Tool Based On Dynamic Symbolic Execution

Software update is a crucial step in software development.Software patches usually repair the defects in old software versions and provide new functions.Automated testing of software patches is an important part of software quality assurance.Although the existing test suite can cover all paths and branches in the old version and patch version of the program,a test input may make the old version and patch version of the program show different behaviors at the source code change location.In-depth exploration of the path with different behaviors often reveals the defects introduced in the patch version,namely regression errors.The prior studies on the behavior difference between old and patch versions of software are not comprehensive and their performance are not satisfactory.This thesis proposes a multi-version unified execution model based on automated annotation,automates the piling of program intermediate representation in the preprocessing stage based on static analysis technology,and effectively realizes the split execution and state merging of multi-version programs in a single execution instance based on dynamic symbolic execution technology.Moreover,we built the proposed techniques in a tool.It alleviates the state explosion problem of symbol execution and improves the software defect analysis ability.This thesis also studies the behavior difference under the influence of data flow,designs and implements a delay difference deteramination algorithm,and further explores the paths that may expose behavior differences between program versions.In order to demonstrate the validity of test inputs that can trigger behavior differences of multi-version programs,this thesis conducts crossversion defect verification on the generated test inputs,that is,those test inputs exposing behavior differences are run on different versions,and the output differences between different versions are compared to verify whether they are the defects or regression errors on the old versions.For the defects newly introduced in the patch version,our tool analyzes their influence scope,and reports their locations,the function where a defect is located,the number of influenced functions,the total number of functions and the proportion of the latter two.Finally,the defect analysis method is applied to several real-world embedded software.Experimental results show that the tool can successfully generate test inputs that trigger the behavior difference of multiple versions of a program,and the effectiveness of the test inputs is better than that of the symbolic execution tool Shadow,Our tool found two defects that Shadow can not.The average time of defect influence analysis for eight defects in the test benchmark is 0.055 seconds.In addition,the tool can successfully identify nine kinds of defects in real-world embedded software.